turbot/docker_compliance

Query: docker_container_default_seccomp_profile_disabled

Usage

powerpipe query docker_compliance.query.docker_container_default_seccomp_profile_disabled

Steampipe Tables

SQL

select
id as resource,
case
when inspect->'HostConfig'->'SecurityOpt' @> '["seccomp=unconfined"]' then 'alarm'
else 'ok'
end as status,
case
when inspect->'HostConfig'->'SecurityOpt' @> '["seccomp=unconfined"]' then (names ->> 0) || ' default seccomp profile disabled.'
else (names ->> 0) || ' default seccomp profile not disabled.'
end as reason
, _ctx ->> 'connection_name' as connection_name
from
docker_container;

Controls

The query is being used by the following controls: